Windows XP SP2 TCP/IP "Patch"

By Frank
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

jamend

Posted
Posted

I applied the patch and I have noticed significant improvements. Before I applied it, browsing the web was slow and I had trouble making connections while using Bit Torrent (with ~20 files downloading at once), but now everything is running fine again. I wouldn't recommend it for people who don't have as many torrents as I do going at once though since it does create a security risk.

Link to comment
Share on other sites
Proficient

Mastertech

Posted
Posted

If you read the link there is no security risk. Restricting TCP/IP settings is not going to stop the spread of viruses, only antivirus software will.

Link to comment
Share on other sites
Mentor

Weasel

Posted
Posted
Would you please point out some of these third party applications?  These applications have to send out 10 unanswered connections a second in order for this limitation to take affect.

585249709[/snapback]

I think your understanding of TCP/IP is a little off. SYN requests stay in the queue for 75 seconds (according to the RFC, the MS implementation may be slightly more or less), not 1 second. eMule typically creates 300 full connections for a single popular file. Lets say that on average 50% of connection attempts fail. That would mean 600 connection attempts are made and 300 connection attempts fail. 300 SYN requests going through a queue with a 10 request limit and 75 second purge time would take 37.5 minutes to complete. ((300 / 10) * 75 seconds) / 60 seconds per minute.

Thankfully eMule is smart enough to cancel these requests before the TCP stack drops them, so it doesn't take a half hour in reality, but this is just an example of problems caused by the limits.

Link to comment
Share on other sites
Grand Master

Mando

Posted
Posted
I'm glad you guys created this thread. The "TCP/IP patch" almost tops the "LargeSystemCache" tweak for its uselessness and danger.

I think some P2P apps will trigger 4226s because the nodelist is always in flux (people log out, etc.), making it appear as if the P2P app is making many connections to invalid destinations. In any case, all SP2 does is throttle the invalid lookups.

585250703[/snapback]

"Adjust LArgeSystemCache" works perfectly fine with XP & a NVIDIA based gfx card. Only ATIS fall over when you enabled largesystemcache. My 3dmark 05 value went up 75 or so marks since adjusting my large sys cache.

But this is well documented on the web.

makes a fair difference to my machine having tweaked "AdjustLargeSystemcache"

:yes:

Link to comment
Share on other sites
Grand Master

Brandon Live Veteran

Posted
  • Veteran
Posted
I think your understanding of TCP/IP is a little off.  SYN requests stay in the queue for 75 seconds (according to the RFC, the MS implementation may be slightly more or less), not 1 second.  eMule typically creates 300 full connections for a single popular file.  Lets say that on average 50% of connection attempts fail.  That would mean 600 connection attempts are made and 300 connection attempts fail.  300 SYN requests going through a  queue with a 10 request limit and 75 second purge time would take 37.5 minutes to complete.  ((300 / 10) * 75 seconds) / 60 seconds per minute.

585266703[/snapback]

That has nothing to do with this limitation, though. And removing it isn't going to affect the way the Pre-SP2 TCP/IP stack worked.

If you think you're seeing an improved P2P experience after installing this patch, the real problem is called observer error.

Sure, you can be downloading a file at 20KB/s, install this patch, start the download again and get 70KB/s.

But it has nothing to do with the patch. You simply got a better connection to a seed. If you had left the download going and not installed the patch, chances are your download speed would have increased to 70KB/s anyway.

Link to comment
Share on other sites
Grand Master

John Veteran

Posted
  • Veteran
Posted

^ Exactly. Instead of using file-sharing apps (in which speeds are largely unreliable) test with network diagnostic tools to determine speeds, or run speed tests from any of the hundreds available online (Y)

Link to comment
Share on other sites
Proficient

Mastertech

Posted
Posted

This patch has nothing to do with download speeds only search speeds where there are alot of failed outbound connection attempts. With P2P apps this very common.

Link to comment
Share on other sites
Mentor

bkellner

Posted
Posted (edited)

One thing I'll point out is that the 4226 system events are not errors, only warnings. The system marks this event as a warning because it could potentially be a virus or some other malicious type of program.

Frank and gameguy are both correct in saying this does not affect P2P applications, as I've been saying since this patch was released, and have posted in the original patch threads and on other forums.

About P2P applications, I commonly get over 250kb/s with bittorrent and connect to over a hundred people on each torrent file open. I have never patched. This should be proof enough that the limit does not affect P2P applications. Also, I reach those speeds within minutes from starting the download.

Edited by knigitz
Link to comment
Share on other sites
Proficient

Mastertech

Posted
Posted

I don't know where it got started that this affects download speeds, it has nothing to do with data transfer rates of files. But saying it does not affect P2P apps is just not true. It directly affects search queries where you get alot of failed connection attempts, this can happen frequently with P2P apps. Therefore search results can take much longer to display.

Link to comment
Share on other sites
Collaborator

umteen

Posted
Posted

hehe, I was one of the ones against the patch and was often correcting people on forums when they called it connections instead of connection attempts per second, but now I have used the patch or a version of it, just to stop getting the notifications in event viewer.

In some circumstances using bittorrent it can make a difference if you are in a hurry to download a big file and the swarm is huge. That's my experience anyway. It can make the difference of staying low down in the swarm with bad speeds or climbing up quickly and finishing the download at a decent speed. Bittorrent can be like that.

And to Frank who suggested to someone earlier in this thread to check for virus when they had 70-ish notifications in event viewer, that is totally wrong, you obviously don't do much bittorrenting, or havn't observed what happens under a wide vaiety of circumstances with huge swarms. These notifications can be fairly common and getting about 70 of them is easy to do. It has in the case of using bittorrent (or eMule I think) absolutely nothing whatsoever to do with a virus. When you are infected with one of the pests that attempt to connect out on to the net, you will see a lot more than 70 notifications.

Link to comment
Share on other sites
Proficient

joshpo

Posted
Posted

I also will take a stand and defend the patch, I was getting lots in the event viewer on BT and it cleared that up, I download from a big swarm at 500-600k.

Link to comment
Share on other sites
Grand Master

John Veteran

Posted
  • Veteran
Posted
I also will take a stand and defend the patch, I was getting lots in the event viewer on BT and it cleared that up, I download from a big swarm at 500-600k.

585369172[/snapback]

Yes, of course it will "clear them up", but you should be more interested in WHY so many connections are being attempted (note: not made/completed) in the first place.

Link to comment
Share on other sites
Experienced

StevenNT

Posted
Posted

I agree with GameGuy on this.

Fix the issue and not just bodge it / cover it up and pretend it's not there.

it's there for a reason

Link to comment
Share on other sites
  • 2 weeks later...
Grand Master

Frank

Posted
  • Author
Posted
The patch is not a botch job, it's not cosmetic, it's real, it works for the situations it's supposed to work in.

585419295[/snapback]

Like what? I am currently downloading 10 items through Bittorent (Azureus) and have not seen a single error.

Link to comment
Share on other sites
Proficient

CrimsonBetrayal

Posted
Posted

Well all I have to say is, if your using legit software and have configured your network right (yes Im assuming many of you may connect through a high speed modem or router such and an ADSL or SDSL connection) then you should not need this patch. If your not configured properly then most likely you will get many of these errors as the packets are not making it through. reversing security on your system and bitching at MS for putting security in place when you've spent the last 15 years bitching about the lack of security is a little like the pot and the kettle dont you think??

Link to comment
Share on other sites
Grand Master

jamend

Posted
Posted
Well all I have to say is, if your using legit software and have configured your network right (yes Im assuming many of you may connect through a high speed modem or router such and an ADSL or SDSL connection) then you should not need this patch. If your not configured properly then most likely you will get many of these errors as the packets are not making it through. reversing security on your system and bitching at MS for putting security in place when you've spent the last 15 years bitching about the lack of security is a little like the pot and the kettle dont you think??

585420730[/snapback]

Are you a RIAA fanboy or what? P2P programs are not illegal...

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.